VulnScope — package-centric CVE lookup

Search

1,770 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

CRITICAL9.8CVE-2026-42010EPSS 0.13%A flaw was found in gnutls.5/7/2026
CRITICAL9.1EPSS 0.14%Spring Cloud Config vulnerable to Path Traversal5/7/2026
CRITICAL9.1EPSS 0.30%Valtimo has SpEL injection via StandardEvaluationContext that allows Remote Code Execution by admin users5/6/2026
LOW3.7EPSS 0.05%Micronaut has Unbounded `bundleCache` in `ResourceBundleMessageSource` that Allows Memory Exhaustion via `Accept-Language` Header5/6/2026
CRITICAL9.1EPSS 0.11%Apache Wicket has a Session Fixation issue5/6/2026
CRITICAL9.0EPSS 0.01%ArcadeDB vulnerable to cross-database authorization bypass and unsecured newly-created databases5/5/2026
CRITICAL9.8EPSS 0.02%Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()5/5/2026
LOW2.4EPSS 0.03%Geyser Vulnerable to Server-Side Request Forgery (SSRF) via Player Head Texture URL in Geyser5/5/2026
CRITICAL10.0EPSS 0.13%Eclipse BaSyx Java Server SDK vulnerable to Path Traversal5/5/2026
CRITICAL9.0EPSS 0.10%Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns5/4/2026
CRITICAL9.1EPSS 0.06%OpenMRS has Stored Velocity SSTI to RCE via ConceptReferenceRange5/4/2026
CRITICAL9.9EPSS 0.12%Apache Polaris has an Improper Input Validation issue5/4/2026
CRITICAL9.9EPSS 0.11%Apache Polaris has an Improper Input Validation issue5/4/2026
CRITICAL9.9EPSS 0.11%Apache Polaris has an Improper Input Validation Issue5/4/2026
CRITICAL9.9EPSS 0.10%Apache Polaris has an Improper Input Validation Issue5/4/2026
CRITICAL9.8EPSS 0.64%Apache OpenNLP ExtensionLoader Vulnerable to Arbitrary Class Instantiation via Model Manifest5/4/2026
CRITICAL9.1EPSS 0.11%Apache OpenNLP DictionaryEntryPersistor Vulnerable to XML External Entity (XXE) via Unsanitized Dictionary Parsing5/4/2026
CRITICAL9.8EPSS 0.08%Apache MINA vulnerable to Deserialization of Untrusted Data (CVE-2026-41635 Incomplete Fix)5/1/2026
CRITICAL9.8EPSS 0.29%Apache MINA vulnerable to Deserialization of Untrusted Data (CVE-2026-41409 Incomplete Fix)5/1/2026
CRITICAL10.0EPSS 0.09%Shopizer has a path traversal issue4/30/2026
LOW3.7EPSS 0.02%A flaw was found in gnutls.4/30/2026
CRITICAL9.1EPSS 0.10%A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow du…4/30/2026
LOW3.7EPSS 0.04%A flaw was found in gnutls.4/30/2026
CRITICAL9.0EPSS 0.05%Jenkins GitHub Plugin has an XSS vulnerability4/29/2026
LOW3.7EPSS 0.07%xxl-job has a Resource Injection issue4/29/2026

← PrevPage 2 of 71Next →